aktivemofo
asked on
Remote Access to company mail
Hello,
I have a problem. My company has an internal Exchange 2003 Server, running on Windows 2003 SBS. This Exchange Server downloads mail from our webhost, and therefore does not directly receive mail for our domain. All mail forwarded to my email address first goes to our webhost, then our Exchange Server get is from there and distributes it accordingly.
I need to get remote access to my mail by the most secure means possible. We have a current network administrator that is paranoid about publishing internal resources onto the web, yet we NEED to get our mail remotely.
I have done ALOT of reading on this topic, and have decided to use MS ISA Server and Outlook Web Access (OWA) to facilitate access to the internal mail. That way, we will be able to log on from anywhere with an internet connection, and view our existing archive of mail.
This poses several problems (and questions) however.
Internet Connection - our internet connection is a home user ADSL type plan, with a dynamic IP address. The DSL line comes into our building and plugs straight into a 4 port DSL modem/router. Our server is then run off the router, as well as all our client machines. We do not have any dedicated hardware firewall devices. We are solely relying on the NAT firewall that is in our router. We have no DNS name mapped to any internal resources, our webhost host all mail and web content.
What would be the best way to get remote access to our OWA Mail? I can currently type SERVERNAME\EXCHANGE into internet explorer and get the OWA successfully. Our next step is to SECURELY publish this to make it accessible to the internet. Can anyone please give me an idea on wha the best way would be to configure ISA Server to allow secure remote access to the webmail?
Thankyou,
Dean.
I have a problem. My company has an internal Exchange 2003 Server, running on Windows 2003 SBS. This Exchange Server downloads mail from our webhost, and therefore does not directly receive mail for our domain. All mail forwarded to my email address first goes to our webhost, then our Exchange Server get is from there and distributes it accordingly.
I need to get remote access to my mail by the most secure means possible. We have a current network administrator that is paranoid about publishing internal resources onto the web, yet we NEED to get our mail remotely.
I have done ALOT of reading on this topic, and have decided to use MS ISA Server and Outlook Web Access (OWA) to facilitate access to the internal mail. That way, we will be able to log on from anywhere with an internet connection, and view our existing archive of mail.
This poses several problems (and questions) however.
Internet Connection - our internet connection is a home user ADSL type plan, with a dynamic IP address. The DSL line comes into our building and plugs straight into a 4 port DSL modem/router. Our server is then run off the router, as well as all our client machines. We do not have any dedicated hardware firewall devices. We are solely relying on the NAT firewall that is in our router. We have no DNS name mapped to any internal resources, our webhost host all mail and web content.
What would be the best way to get remote access to our OWA Mail? I can currently type SERVERNAME\EXCHANGE into internet explorer and get the OWA successfully. Our next step is to SECURELY publish this to make it accessible to the internet. Can anyone please give me an idea on wha the best way would be to configure ISA Server to allow secure remote access to the webmail?
Thankyou,
Dean.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The best practice is
_____ _______
---LAN(inside)--------/ ISA /----------| Router |----------->( ISP )
^^^^ =====
|
| [dmz]
__|___
/ Server/
---------
In this case, ISA can be used to isolate the servers ( Web, Mail, etc.) , VPN access inside, firewall and filter .
_____ _______
---LAN(inside)--------/ ISA /----------| Router |----------->( ISP )
^^^^ =====
|
| [dmz]
__|___
/ Server/
---------
In this case, ISA can be used to isolate the servers ( Web, Mail, etc.) , VPN access inside, firewall and filter .
Hi:
I have my Exchange server on the DMZ. When I use outllook 2003 , everything works fine.
BUT when I remove my server from DMZ, then outlook does not work and it gives the error message " Exchange server unavailable".
Please can any one help. I have ports, 80,110,25,3389, 443 and 445 open already on the router.
Thanks
I have my Exchange server on the DMZ. When I use outllook 2003 , everything works fine.
BUT when I remove my server from DMZ, then outlook does not work and it gives the error message " Exchange server unavailable".
Please can any one help. I have ports, 80,110,25,3389, 443 and 445 open already on the router.
Thanks
ASKER
Thankyou all for your suggestions.
Unfortunately, i could not convince my colleagues to consider a VPN. It looks like we will have to use ISA Server and publish the resources as needed.
What is the best practice to install an ISA Server? Does it HAVE to live in the DMZ? And if so, does the ISA Server software protect that actual machine - IE will it act as a desktop firewall for that particular box? We do not have (and cannot afford) any firewalls.. we pretty much have software only. If we did resolve to use ISA Server, would the setup be like this:
[INTERNET] --> [ROUTER] --> [ISA SERVER] --> [SWITCH] --> [INTERNAL LAN]
I think that the biggest problem i have is understanding where to put the ISA Server, and how many network cards does it need? So many of the guides i have read says that you need 2 NICs in the ISA box.. one for internal and one for external?
Once again, any suggestions are welcome.
Thanks in advance.
-DEAN.